redline | cd7174bf2b72b9b2d5df6a88f19c5befcab108641e2db7e7bc2190d5849d2463 | Triage

Submit
Reports

Overview

overview

Static

static

3f1165d54e...aa.exe

windows7_x64

3f1165d54e...aa.exe

windows10_x64

Sharing

General

Target

3f1165d54ebadca8bc5a8422eb29a2aa.exe
Size

1.4MB
Sample

210317-rlxsa11vj6
MD5

3f1165d54ebadca8bc5a8422eb29a2aa
SHA1

e841505df16313ff99545f56324141fd752aeb8e
SHA256

cd7174bf2b72b9b2d5df6a88f19c5befcab108641e2db7e7bc2190d5849d2463
SHA512

16840e628d01c4c50368f1567a687b2f5b58824df84d6f7cfc089a60b749b4fc0b97bfdf4d8fcd0926fa2f25e5b77c31504724ba42d66b6486238609115e3997

Score

10^/10

redline infostealer

Static task

static1

Behavioral task

behavioral1

Sample

3f1165d54ebadca8bc5a8422eb29a2aa.exe

Resource

win7v20201028

redline infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

3f1165d54ebadca8bc5a8422eb29a2aa.exe

Resource

win10v20201028

redline infostealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  3f1165d54ebadca8bc5a8422eb29a2aa.exe
- Size
  
  1.4MB
- MD5
  
  3f1165d54ebadca8bc5a8422eb29a2aa
- SHA1
  
  e841505df16313ff99545f56324141fd752aeb8e
- SHA256
  
  cd7174bf2b72b9b2d5df6a88f19c5befcab108641e2db7e7bc2190d5849d2463
- SHA512
  
  16840e628d01c4c50368f1567a687b2f5b58824df84d6f7cfc089a60b749b4fc0b97bfdf4d8fcd0926fa2f25e5b77c31504724ba42d66b6486238609115e3997
Score

10^/10

redline infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redlineinfostealer

behavioral2

redlineinfostealer

© 2018-2024

Terms | Privacy